Zombie Dawgs have come back to the site and revived it… well, somewhat. At the very least I upgraded it once again while doing some long overdue server maintenance and running some backups. Some old stuff died, some stuff got upgraded, and some stuff will soon be revived.

This is just a quick post to let everyone know that I am still alive and the site is still alive. I have been super busy with other real life issues (I got Yoko pwn-o’ed) but I am back working on content again. The site is updated and I am working on a few little tweaks here and there.

Keep in mind that this site is more for projects from the group, but if you are interested, you can read my personal blog over at binrev.com which is where I post and hang out more frequently.

Enjoy the snow! We sure don’t get it in Florida so I added some virtual snow to the site temporarily.

Most of you don’t know my personal life, but I have been going through a rough year. You can look back through my personal blawg for some of the boring details. During this time, I have not gotten a haircut. I had grown a little mohawk/fauxhawk the last time I got it cut which was back in mid-June so even when I had it cut then, it was still pretty long on the top. Now, I have a full on “wh4fro” (White Afro…for hackers). So after a bad breakup, I pretty much decided to let my hair keep growing just for the fun of it and to “bring it back”. I am rocking the visor and the old 70s white basketball player look and I can pull it off…well, I keep telling myself that anyway. I am ready to move on with my life and put 2009 behind me and move on to 2010 and start anew. I decided to rock this out until the end of the year and then start the new year with a haircut as a sort of “cleansing” act for my life.

So…I figured that since I will be cutting my hair anyway…why not dramatard it up with a full buzzcutt! I decided that I can use my pathetic whiny life to the benefit of someone else. One of my philosophies in life has always been that no matter how bad you think you have it, someone else has it worse and you can always help someone else. I want to apply this by turning my self-renewal into something positive for someone else. I have always supported the EFF so I thought that I would do a fundraiser to shave my hear for “Internet freedom”! How is that for a fucking dramatard announcement?

Here are the details:

As far as the haircut goes, I will do it over the Christmas break. I will take a set of clippers and just buzz right through it all…OK, I won’t personally, but someone will buzz it for me. I will not shave it with a razor, just a buzzcut. I will film it for an episode of HackTV (probably the PWNED series, that sounds about right) for proof. You don’t have to care about the haircut at all to donate and/or participate. The haircut is just my way of making this fun and trying to give my grown as a person some significance. You can ignore the haircut and do it totally for the perks listed below.

All money will be collected and donated to the EFF after the Christmas break. I will post totals. None of it will go to BinRev. I will eat the cost of the items listed below, including shipping. 100% of your donation will get to the EFF.

Whats in it for you?

We will accept donations of any size! All you have to do is submit your donation to orders@binrev.com which is our standard paypal account. Just put in a description or a note that your donation is for the EFF fundraiser and I will make sure that it gets included. If you donate one of the tiered amounts below, you will receive the benefits listed.

Tier 1: $25.00

Free 1 year membership to the financiers group with all of the benefits that it currently offers. If you already are a member of the financier group, I will extend it.

I will announce the HackTV episode in this group first, so you will be one of the first to see me make a fool out of myself.

My gratitude.

Tier 2: $50.00

All of the perks from tier 1.

1 BINREV T-shirt (while supplies last, but I have a bunch of these left…mostly XL only, other sizes are first come, first served.).

Tier 3: $100.00

All of the perks from tier 1 and tier 2.

Copies of < BR > magazine (while supplies last…I have very limited supplies of these so donate early!) There are 3 total issues. I will personalize them for you if you want, just tell me in the notes of your donation.

Every little laptop sticker that I have laying around(from our friends at Memestreams, no starch press, and all kinds of other things), including a small number of < BR > stickers.

FAQTHBAY (Frequently asked questions that have not been asked yet):

Q: How do I know that this will make it to the EFF?
A: I will provide totals and counts of all donations at the end.

Q: Can I donate anonymously?
A: Of COURSE! I will not drop docs. You can also donate directly to the EFF if you prefer.

Q: How long will it take to get my stuff?
A: Well, be patient with me. I will try to get everything out by the end of January 2010. I will get the accounts created as quickly as I can and hopefully as soon as I see the donation. Keep in mind that I will be out of town on vacation and then again on the Christmas holidays.

Q: Don’t I remember you complaining about “beg-a-thons” back on BinRev Radio?
A: Yes. Actually, I just hate the beg-a-thon over and over again seemingly all the time. This is the first such event that I have conducted EVER so I don’t feel like a total hypocrite…just a partial one.

Q: Can I be your “baby mama”?
A: I am single again. 😉

WHAT I NEED FROM YOU GUYS and GALS:

Publicity! I need you guys to get the word out. Even if people don’t know or care about StankDawg or binrev, just get them to support the cause of the EFF! Emphasize that they will get perks of extra access to the forums, free blogs at binrev, and generally tell them what a great community we have here! Blog about it (you are using your free blogs here at binrev, right?) everywhere! Post in other forums. Do anything else that you think will get the word out and help[ us raise money for the EFF! I am sincere and I want this to be one of the biggest things that we have ever done. We have done smaller efforts in the past for the EFF, but in case this is my full retirement swan song (and I am not saying that it is or is not) I would like to leave something behind and feel that I helped someone in the process.

Participate! Hell, if anyone else wants to shave their head with me, upload some pics before/after and we can do it as a group! It will be fun! If you want to donate something for one of the tiers, let me know!

Support! Sincerely, this is all for the EFF. Put all of my sillyness and drama aside. I am having fun, but I am seriously trying to do something good here. I know times are tough, but please donate whatever you can. It will all go to the EFF and I will announce the totals and make sure it is all on the up-and-up. If you donate the amounts shown above, you will even get something to show for your donation from us. So you are getting something back for your donation. I will eat the cost of the shirts and magazines and shipping and all of that. 100% of your money will go to the EFF.

Just got a new BlackBerry at work. While I’m not normally much of a “mobile” guy, it’s an interesting little device. Word on the street today is that the government of India has successfully cracked the encryption that RIM uses on the BlackBerry network.

One of our neighbours recently got a new dog, unfortunately however it seems to have an uncontrollable tendency to bark at all hours of the day and night.

Therefore I started looking for possible solutions to this problem. After some brief research purchasing a dog whistle (usually used for dog training) seemed the logical choice, since according to Wikipeida they produce a frequency between 16000 Hz and 22000 Hz (the ultrasonic range from 20000 Hz upwards being outside that audible to the human ear) – perfect since the goal is not to add an annoying whistling sound to an existing dog barking sound.

A dog whistle however is a rather low tech approach, therefore I decided to make an electronic whistle. The first step was purchasing some speakers that can operate in the ultrasonic range. It turns out that general purpose tweeters (Maplin: WF09K) can do 4 kHz to 40000 Hz, I found a set of 4 going cheap on eBay. The problem then becomes generating the ultrasonic sound to power the speakers, I was considering purchasing a cheap second hand car audio amplifier from eBay and using the computer to generate the sound but it seemed like more work than it should be. After checking the Maplin site again I found out they sell an "Ultrasonic Pest Repeller" which produces a frequency adjustable between 12 kHz and 38 kHz.

I was not sure if connecting the Pest Repeller straight to 4 (150Wmax / 75Wrms) tweeters would work however it actually works too well therefore making the next step adding a volume control and perhaps purchasing some hearing protection before trying it out.

Also worth noting that some commercial products seem to use tweeters that look very similar to the ones I chose.

One of my favorite hobbies recently revolves around the amazing quality of HD video. I find myself stopping movies and TV shows frequently to see what things I may find in the background or in those short moments of fast activity to see what might have been inside of one or two little frames. You can not only freeze frame onto specific moments using DVR technology, but combined with HD quality, you can usually make out words and details that we could never see before.

This time I was watching Mythbusters on DiscoveryHD and I found some interesting things. I am not able to get a screen capture easily (yet) but I can transcribe some of it.

At 4:36 into the 08/27/2008 episode about the moon landing conspiracy, Jamie is standing near the studio door with a sign behind him. It is only for a couple of seconds, but I was able to make out that it said:

MYTHBUSTERS FANS

GLAD YOU LIKE THE SHOW!

HOWEVER, WE ARE NOT SET UP FOR TOURS, VISITS, OR AUTOGRAPHS – PLEASE DON’T RING THE DOOR OR KNOCK.

WE ARE INTENSIVELY SHOOTING THE SHOW AND NEED ALL AVAILABLE TIME TO DO THAT. PICTURES TAKEN IN FRONT OF THE SHOP ARE OK.

Now I found this pretty interesting. Obviously fans have discovered where the studio is and this must happen to them on occasion. I guess I am not the only one to pay such unusual attention to detail on TV.

I also have been keeping an eye on the contents of the warehouse itself over multiple episodes. Inside of the warehouse where they work, they have many shelves of materials and they are organized enough to label them. While many shots are taken with thee in the background, it takes a lot of freezing to put together a list of contents. I will not put a complete list here, but here are just a few of the many things that they keep around the lab:

I also saw a box of “OFFICE DEPOT” branded “cushioning material” on a shelf. I guess the budget is pretty tight there or they just like Office Depot. They also have a ton of different epoxies, pastes, grouts, and other building materials.

Mix in a few strange box labels like these and you have a show…or a pr0n movie:

A part review / part guide to OS X from a Windows users point of view.

"An unexpected experience with the Mac came after I left it alone running in a dark room for the first time."

After recent issues with Windows Vista, and since a new updated version of Apple’s operating system had just been released I decided it was about time to look at OS X again. I was also in need of a new laptop, therefore decided to pick up a 15" Mac Book Pro around a month ago. This is not my first Apple computer, I had a Mac Mini (non Intel) however it just did not seem particularly powerful so I never seriously used it.

I had considered running OS X on a PC via the various hacks available however this may have resulted in a less stable operating system, and I wanted to experience OS X how it was designed to run on Apples own (more stable?) hardware platform.

I purchased my Mac Book Pro at the Apple retail store in Bluewater along with an external USB keyboard. I was asked if I wanted to purchase Apple Care i.e. 2 years extra hardware warrantee along with telephone support. An extended warrantee on any laptop is usually not a bad idea, however it was no cheap at around £300 so I decided not to purchase it at that time (I was told that if you change your mind, you can still purchase it, but only in the first year after purchase on the laptop).

My initial experience with the Mac Book Pro was not entirely positive. I had assumed (seeing as it was a new machine, and Leopard had been out for around a 2 months) it would come pre installed, but part way through installing various applications I was going to try out I discovered that it did not actually have OS 10.5 loaded, but rather a previous version, and that I would need to load it from CD. I decided to do a full wipe and install to avoid any possible issues, which then meant reinstalling all my applications again.

After getting the Mac up and running one of the first things I did was to enable the trackpad based right click (i.e. two finder tap), rather than the alternative of ctrl clicking however it turns out that right click is not as useful as I was expecting it to be (there is no file delete option for a start). The other option I enabled was "two fingers to scroll" which has proved incredibly useful, especially when using Safari, but also in Finder, and various other applications that require scrolling. I also enabled trackpad "dragging", however this turned out to be a mistake – I accidentally dragged a number of things to placed I should not have, including my "home" alias in finder, which resulted in it disappearing but luckily I was following directions from Apple support (first 90 days free with a new purchase) at the time for another issue so the problem was swiftly resolved).

The other issue I called Apple support for was that Safari kept crashing every time I visited a certain reasonably well known gadgets / electronics blog. I was expecting some websites not to display quite correctly, and perhaps some JavaScript sites not to work however a full on crash resulting in the loss of all other tabs / Safari windows, along with 100% processor usage which caused the fans to start going (and likely reduced battery life) was not particularly impressive. After trying various combinations of ctrl + alt + command (i.e. Apple key) + backspace (I substituted delete for backspace as there does not seem to be a delete on the keyboard?) with no luck I found out about "Force Quit" available from the menu at the top or via ctrl + command + Escape.

On the topic of keyboard keys it is worth mentioning that the Mac Book comes with a different (non British standard – I am in the UK) keyboard layout. The "@" and quote keys are switched as with standard US layout however the number 3 key has a "£" symbol rather than a "#", this is an issue, as the "#" therefore does not appear on the keyboard at all. Granted I do not use the "#" that often but I do use it (especially when coding Python) so not having it is annoying – I can not work out why Apple would go to the trouble of creating its own UK version of the keyboard with the "£" sign, but then mainly, but not quite following the American convention (for those interested alt + number 3 will get you the "#").

The first time I called Apple support I was not particularly impressed, the guy at the end of the phone did not seem either particularly knowledgeable or willing to help. I was told to reinstall Safari using the CD, which I later found out was not the way to do it (the CD method does not reinstall Safari if it is already installed). The second time I called however was an all together different experience. I spoke to a seasoned Mac user who walked me through step by step removing Safari and reinstalling it, then how to get back my bookmarks (but even so he only did that after I mentioned they had disappeared). Turns out it was not my laptop that had the issue but rather some kind of conflict with the website and the Safari browser in general however if Safari can be DOS’d by a website this is an issue with Safari, not the website.

One of the other things I noticed fairly early on was that cut / pasting files did not seem to work, initially after realising I was not doing anything wrong (Mac does not support cut / pasting of files) I could not work out if this was just because they never got round to coding it, or I was missing something. Turns out that it was not an oversight but rather a philosophical difference to Windows as Apple believes it will confuse the user – not sure I agree but I can live with it, as long as there is a reason.

I had planned on using the Mac Book Pro with an external monitor (as I am used to using 2 / 3 screens on the PC) unfortunately however this did not work out as well as hopped. When using dual screens you need monitors that are the same size (especially when doing web design / using Photoshop), and the Mac Book Pro only supports a single external monitor. I was left thinking perhaps an iMac would have been a better choice however it is my understanding they are more for home users, and also only have the option of a "glossy" screen, which is more suited for watching DVDs / video content than development where you need colours to show up realistically (a Mac Pro is outside my price range). It looks like there are USB based graphics cards that may solve this problem, however I am not sure how well they perform given the limitations of USB. There are also Matrox splitter boxes that will appear to the Mac as a single large display but with these as the Mac does not know they different screens I would guess the dock / applications would by default be split across both screens – not ideal.

Another philosophical difference I came across was that on Mac there is no full screen maximise button (there is a "plus" symbol but it is not a full screen maximise and I have not yet got the bottom of what it does actually do, as when pressed it seems to randomly make some windows bigger / smaller by varying amounts, but not others). The Mac way of thinking is that there is no reason to have windows filling the screen if they do not need to. I will reserve judgement on whether I think this is a good or bad idea until I have had a proper chance to use it, but it certainly seems valid.

I found that learning the reasons for certain differences (e.g .cut / paste, maximise) important and without doing so I would not have been able to keep an open mind when using the Mac. The fact that there is no maximise button however does have some interesting side effects, perhaps the benefit of dual monitors on a Mac is a lot less / non-existent when compared to a PC i.e. a single large monitor would be better?

I have found the Safari web browser reasonable overall so far (after I worked out that it did actually have a status bar that could be enabled via the view menu). The only thing that I am still having trouble with is working out when I have actually clicked to download a file – you do not get any popup windows, downloads just seem to silently happen (silently apart from a subtle icon change in the dock if you catch it in time) in the background then go into the downloads "stack" on the dock (i.e. taskbar). As a side note Safari / iTunes seem to be working a lot better on Windows lately – I could be wrong but it appears they switched from their own custom window handling code to using the existing Windows code and restyling it. Also a nice feature with Safari is that you can drag out any tab and it will move from being a tab in an existing Safari window to a new Safari window.

An unexpected experience with the Mac came after I left it alone running in a dark room for the first time. When I returned the keyboard had lit up, I then proceeded to adjust the room dimmer, and the keyboard light, and display actually started to both brighten / dim accordingly – magic! Another unexpected experience was when a slightly worrying mysterious green glow appeared at top of keyboard between F5/F6, after some Googleing it turns out this is the number lock light.

In terms of productivity on the Mac, keyboard shortcuts seem to be the way to go, especially with the right click menu not being as fully featured as could be expected, but considering Apples single button mouse philosophy it is not that surprising. Expose and Spaces certainly look like they will be extremely useful, however I have again not yet had a chance to properly try them out.

It is worth noting that things such as selecting a line (command + left/right arrow) / word (alt + left/right arrow), along with going back up a directory level (command + right bracket), and actually typing in a path (shift + command + g) are possible via shortcuts, it is just a case of finding out what they are. Other useful shortcuts are command + w to close a window, and command + q to close an application. An odd choice by Apple which I have still not quite got to the bottom of is that command + tab switches between applications rather than windows (i.e. if you have multiple windows showing from Safari you can not navigate between then using command + tab). This has left me somewhat at a loss as to how I should quickly navigate between windows. The only way seems to be to either remember which applications have open windows then right click their icons on the dock, or to go to the trouble of minimise each window (so that it will appear in the right hand side of the dock) before switching to (un-minimising) another. Expose seems like overkill if you need to call it up every time you need to change windows, rather than just opening an application by clicking it on the task bar.

A more fully featured version of "Finder" (i.e. Explorer) is called "Path Finder" and although it seems to be a bit buggy in OS 10.5 it does add a number of essential features such as refresh (the absence of which while not generally noticeable with local files is noticeable when working with Windows network shares). On OS X I can understand why it is not included (windows just refresh when needed automatically) whereas in e.g. Explorer sometimes windows refresh automatically, and sometimes they do not. Path Finder is a paid application with an initial free trial. I ended up purchasing it however was not particularly impressed by how it requested payment – I had to sign into my PayPal account using its own browser interface with a nonsensical padlock symbol graphic visible just for show. I realise I am running arbitrary code on the Mac could in theory do anything it likes but I would still rather sign into my PayPal account from a browser where I can see it using "https", and where I know that the padlock symbol only shows up if the connection is really secure, I have no idea what Path Finder is doing with my PayPal account details behind the scenes.

I had planned of using files via Windows shares however my experience so far is that OS X’s implementation of Windows file sharing does not seem to be all that stable / fully featured. I have now switched to using shares via IP address rather than name, as name does not seem all that reliable. Finder has a handy feature of automatically mounting network shares, Path Finder however annoying does not so I find myself mounting shares with Finder then opening them in Path Finder. Another annoying feature is that by default Mac will create hidden files everywhere, these can be disabled by opening terminal and running the following command "defaults write com.apple.desktopservices DSDontWriteNetworkStores true" then rebooting. Since I had planned on accessing files via Windows shares, I setup some shares to automount via System Preferences > Accounts > Login Items, but that seemed to cause the windows to pop up at every boot which got slightly irritating. I have since changed to doing it via Script Editor instead. I still have an issue however with shares where for some reason I need to enter my password whenever I delete files.

I had also planned to use the Mac via VNC (to save using the laptop keyboard / trackpad) however although the Mac includes a VNC server (called "Screen Sharing" under System Preferences > Sharing) I have had issues with the Windows VNC client I was using crashing (appears due to copy/paste and although it is possible to turn off copy/paste support this obviously is not ideal). Another application that looked promising but failed to deliver was Win2VNC, it allows you to move the mouse off the left/right of your Windows PC, and onto that of the Mac, unfortunately however its implementation is buggy on Windows dual monitor setups meaning that the cursor has issues moving back to the correct screen making it unusable.

In term of multimedia, the built in DVD software seems pretty good (as long as you realise how the fast forward / rewind works (you need to click and hold) also the arrow keys are the keyboard shortcut for changing chapters, with different keys for fast forward / rewind). I am not particularly impressed by Quicktime – where are options to skip back/forward x seconds of the video, without using the mouse on the tiny / imprecise horizontal scroll bar, also where is the counter that says how much time is remaining (even Windows Media Player 6 had this, along with Media Player Classic which I currently use on XP).

Among things that were a whole lot less straight forward than they should have been was printing. I have an old HP Deskjet 720C (connected to a Windows 2003 server), and tried various methods such as pnm2ppa, and enabling AppleTalk but none worked properly resulting in either nothing printing, a single line of error text printing, or content printing but margins being all wrong. I eventually managed to get printing working using a modified version of the instructions at iHarder.net which use Ghostscript running on the Windows 2003 server in the middle between the printer and OS X.

For running existing windows applications I had been debating whether to go for Parallels or VMware especially after seeing a number of contradicting articles / opinions however in the end this article from MacTech closed the deal – Parallels has been designed to integrate seamlessly with OS X whereas VMware has been designed to be separate, both approaches are valid but deciding what is best for you depends on what you are looking for.

Brining to a close the list of things I have learnt about the Mac recently is the so called MagSafe power adapter (designed so that if you trip over the power cord there is no damage). Having used a fair few different / obscure connectors in my time on a whole host of different equipment my instinctive reaction (at the absence of any kind of clip mechanism) was to just pull it out horizontally, which was actually pretty difficulty (it has a strong magnet). It turns out however that a much better technique is to pull it up vertically to take it out.

Some of you may know that I do a good bit of traveling for my job. For some reason, I have avoided ever buying an mp3 player of any kind (I can’t stand the ipod). I never found one that I liked. Then I watched the PVP (Personal Video Player) devices come to market. Why bother buying a device that only plays mp3 when I can have one that plays video as well? I was just about to pull the trigger one buying the Cowon A2 device, mostly because it plays XviD and OGG Vorbis and is very open source friendly, but then i found something else.

This device snuck up on me actually. I only wanted a device to watch movies on the plane trips that I take and listen to mp3 in the rental cars. I never even thought about having wireless internet support, but once I saw it, it was a deal maker for me. I usually carry 2 laptops with me when I travel. One nice, clean, unmolested machine for work and another for all of the filthy pr0n that I look at in the hotels. OK, I lied, I pretty much just play party poker and surf the web with it, but you see where I am going here. With this device, I no longer have to carry a heavy second laptop with me all the time! Not only do I get the functionality of audio/video playback, I also get access to the global interweb!

As far as the device itself goes, I have to say that it was frustrating to find any information on it other than the archos sales propaganda. I already know the basics of the device, and I am not going to regurgitate them here. What I will do is fill in some blanks and give a quick review on the device so far.

My first question was what OS does it run? There was no mention on the archos site, but I did find an article on linux devices.com that previews the device that confirms that it runs a form of linux. I have not gone to any lengths to modify it in any way however.

I chose this model in particular because it has built-in wifi. It supports most forms of encryption including some forms of WPA (although not the type that I use at my job so I only get to use it at home). I was a little disappointed in it when it came to usefulness though. This was my fault though, not the device. It clearly stated the specs but I just thought that I would be able to use this as a replacement to my second laptop for simple tasks like web surfing and checking webmail. The screen is not really big enough for that at all. It uses a portable version of the Opera browser in it and while it gets the job done, it really isn’t any better than a modern cell phone browser. The other problem is that the browser does not support HTTPS connections so I am not able to check my mail or login to sites securely. While traveling, this is important to me and a dealbreaker for the browser and the wifi. As it turns out, I never use the wifi.

I was very pleased at how many file formats it plays (although not as many as the cowon mentioned earlier) and have not really found it to be a problem. It plays mp3 files as well as several other audio formats as well. I also played several AVI and WMV files without any problems.

The battery life is a little unpredictable. It seems like some days it will last for 3+ hours while watching videos while other times it will only last 2 hours. I think it has to do with the battery charge meter looking full when it may not really be at the peak capacity but still looks like it is anyway. Either way, the good thing is that even when it runs out of juice for video, with those last few drops of battery power, I get at least another hour for playing music. Since this does not require the screen to be active while it plays, it uses less battery and I find myself on a long flight being able to watch a movie or a couple of videos until the battery gives the “low battery” warning and then still being able to tuck the device into my pocket or lap and listening to music for the rest of the flight.

One bit of advice is to upgrade the firmware immediately after you get one. They have released some patches and updates that make the device more reliable.

All in all, I would recommend this device to anyone who travels or anyone who just wants a gadget that does more than an ipod for about the same price or less.

There was an interesting question raised in this thread in the forums. The person accidentally sent an email to the wrong domain due to a simple typo (gmal.com instead of gmail.com). In answering the question, I realized how dangerous this could actually be.

Incoming mail servers do one job, and that is obviously to receive incoming mail. They look at the destination address and if it exists on the server, take the appropriate action. In most cases, this is to deliver the mail to the proper inbox. This is assuming that the email address is valid and exists on the server. If not, the next action is to go through a set of rules to determine howEntra nesses sites e escolhe o toques personalizados desejado, baixe no seu computador e depois transfira pro seu celular com o cabo de dados. to handle the message for the “invalid” address. It used to be common practice to reply to the sender with a message stating that the email is undeliverable and explain the reason why (“mailbox does not exist”, for example). As the SPAM problem grew larger, this practice has been abandoned and most message are simply discarded. The reason for this is because spammers tend to use false/forged sender addresses and the “undeliverable” response would also confuse the server and get bounced around in the system. If there are too many of these (intentional or otherwise) it can cause a DoS attack against the mail server which cannot handle the overwhelming amount of undeliverable mail.

The scenario above is the most common way of setting up a mail server that I have seen. But what if the intent of the mail server were more sinister than that? Could a mail server be used as a passive MitM (Main-In-The-Middle) attack on mail traffic? In the example from the original post, the domain gmal.com is easily typed on accident and provides a great example scenario.

It is actually an interesting thought. Instead of setting up your rules to discard “undeliverable” mail, what if you were to make a rule that keeps the incoming message? By doing this, you can do a number of interesting things…

1) The first concern is that they are actually reading the mail content. If you send anything personal or useful, they could be catching it. It could be personal information like phone numbers, home addresses, resumes, or other stalker-esque stuff. It could also be sensitive server information like usernames and/or passwords. It could be simple embarrassing things like naughty pictures involving you, your dog, and a jar of peanut butter! Any scenario that involves intercepting your personal data is scary.

2) They can certainly be harvesting valid email address by reading the sender address. If the motif is simply harvesting email addresses for SPAM, forget about the common practice of spidering the interweb to grab email addresses from websites. You can sit back and let email addresses come to you! You know that they are real (some invalid address SPAM may slip in, but SPAM blocking software can minimize that) and that they are recent, active, and most likely monitored. This type of mail database is better than random spidered addresses because they are CONFIRMED ACTIVE!

3) If someone who had one of these domains wanted to do a little bit of programming, they could do a really intriguing man-in-the-middle attack by forwarding the email to the assumed destination on your behalf! In the example above, the message gets picked up by the invalid site (gmal.com) which was obviously intended for the valid site (gmail.com) so a script could do all of the items mentioned above AND still pass on the message to the REAL destination, possibly with altered content! This is a paradise for phishers!

A good look at the headers in scenario #3 will show the incorrect server, but most people will not look at this. I would hope that google/gmail (or other similar mail services) would build protection from these common domains in their backend server so that any email from these sites would be clearly flagged as questionable if not blocked outright.

The moral of this story is to be very careful about where you are sending email! Do not get into the bad habit of typing in email addresses on-the-fly since it increases the likelihood that you will make a mistake. Use the address book features of your mail client and be sure that you enter the address properly the first time so that you can avoid this potentially dangerous threat.

The GM862-GPS is a hardware module with support for connecting to the GSM (mobile phone) network and receiving GPS position data. It also includes a Python interpreter, this combination makes it the perfect choice for building a tracker.

I purchased the GM862 Evaluation Kit (RS232 version) from SparkFun Electronics, at a cost of $309.60 (if you are in the UK import duty of around £25 may also be due, along with shipping). There are various other suppliers of GM862 based hardware, including Area SX s.r.l., Round Solutions (various development boards available), and Sequoia however unless you really know what you are doing, the cheapest / easiest solution will be to get the SparkFun Kit, which also includes the compatible evaluation / breakout board, antennas, power supply, and serial cable.

I found the SparkFun Electronics website / forums to be lacking any real information on how to actually get started developing on the module / with Python which was somewhat disappointing – I finally managed to piece together enough information to get started thanks to Google, the PDFs from Telit and information at Round Solutions and their forums.

After receiving the kit and putting it together (i.e. plugging in the module, antennas, SIM card, and serial cable) the first thing to do is test it is working. To do this check the DTR switch is set to "Low" i.e. program mode ("High" = Run Mode), power on the unit (hold the button for a few seconds until the green light starts flashing), open up a serial port communications program (e.g. HyperTerminal or Poderosa with Serial Port Plugin) and connect to it at 115200 bps, 8 data bits, no parity, 1 stop bits, no flow control. Issuing the command "AT" should result in the message "OK" being received. The device supports standard AT commands therefore it should be possible to e.g. connect a PC to the Internet via GPRS, establish a CSD call, send a fax, use certain PC based SMS application etc through it although I have not tested this.

The next thing to do is check the firmware version, use the command "AT+CGMR" if the result is anything less than 07.02.403, I would recommend download firmware version 07.02.403 and flashing the device. The process will take a good couple of minutes and I would advise not using the PC during this time, along with shutting down all non essential applications (flashing firmware in general can be risky and may result in an inoperable device if interrupted). Other firmware version may not work with the SMS software accompanying this article, also .403 provides extra functionality such as being able to read the GPS without disconnecting from an open socket connection.

There are two main choices available for writing Python code, either the provided Telit Python 1.5.2+ IDE, or your favourite text editor of choice. Personally I chose Edit Plus after adding in support for Python since I am already familiar with it.

When it comes to actually uploading / running / debugging code things get slightly more complicated.

At first glance the IDE appears to be a deceptively preferable option. The IDE allows you to write code, then immediately run it and see the result in a debug window at the bottom of the screen. It also features a "Tools" menu with a number of utilities for various tasks such as uploading / downloading files from the module. In theory this is a good idea since it saves the time consuming process of uploading code to the module itself, and then waiting for it to compile – a process which may take several minutes for large applications (of 7000 bytes or more), along with debugging on the module. However the IDE appears to work partly by unreliable emulation (some features not supported by the emulator, other features supported by the emulator and not supported by the GM862), and partly by connecting to the real device over serial. I had issues getting this to work correctly (manual editing of the custom modules in "C:\Program Files\Python\Lib" appears to be necessary depending on the serial ports you use), and found that the IDE actually slowed down the development process (over running code directly on the GM862) since I was constantly dealing with issues caused by the imperfect IDE. Some things worth noting are that the IDE supports floats whereas using floats on the GM862 will result in an exception error being thrown, also even with the (importable) modules that are supported on the GM862 for advanced code you may get different results compared to when run on the PC based IDE). Along with the custom modules described in the manual, the only other built in modules available on the GM862 are imp, marshal, md5, and sys.

To upload / run scripts on the module, the HyperTerminal "Send Text File" option can be used. For a description of the process see page 57-61 in the Telit "Easy Script in Python" guide (rather than rebooting the GM862 to run the script / turning the DTR switch to high, the command "AT#EXECSCR" can be used to run the previously enabled script). It is also possible to use the "Telit GM862 File Upload Utility" (see previous blog entry). However a much faster way is to use the RSterm application from Round Solutions (note if using RSterm the Python IDE is also required). Firmware version .403 appears to have a bug when trying to upload files larger than 7000 bytes, therefore you can either work around this by keeping files under that limit (by importing multiple files to make up your application), or use the "Telit GM862 File Upload Utility" which works around this issue by uploading large files in chunks, pausing in-between.

With RSterm you should choose "Open" on the initial screen, then switch to the "Telit Python" tab. This page allows you to view / upload / download files to / from the module. It also allows you to compile .py files to .pyo on the PC itself (after compiling use the "R" button to refresh the list), then just upload the resulting binary, enable it i.e. set it to run ("AT#ESCRIPT"), and run it ("AT#EXECSCR") this significantly speeds up development. You can not "Enable" a precompiled script, therefore if precompiling, you should "Enable" a non precompiled script which them imports the precompiled script (see SMS code for example). Even developing with RSterm is not perfect, I have had a number of crashes, however after using it you will learn how to avoid most of these. Mainly if you click a button, wait for a response or a timeout before clicking another, also sometimes there are focusing issues with the "ok" message box presented after a successful file upload – making the window width smaller means the message box can not be placed behind the main RSterm window bypassing the issue).

As far as debugging goes, for simple scripts it is not really required, and you can usually get by however when you are developing complicated applications on an unfamiliar hardware platform, with a language / language version (Python 1.5.2) you do not have any previous experience with it is a must.

The standard GM862 (without GPS option) apparently just sends Python debugging output (and anything "printed") to the serial port which would be just fine on the GM862-GPS also, however this is no longer available since the inbuilt GPS support makes use of the hardware that previously provided this functionality).

There is also functionality called CMUX (which enables many virtual serial ports, including the debug output serial port, over a single physical serial port) however along with the IDE it also has issues. It requires a time consuming, complicated process that must be followed to the letter to get it to work (not ideal since you will be rebooting the GM862 frequently while developing), and frequently crashes, requiring a PC reboot, and that was before I even managed to get it working (which I still have not done).

Without purchasing additional hardware it is also possible to send messages back to the PC via the serial port used to program the device. To do this simply import the serial module "import SER", setup the speed to match RSterm / HyperTerminal e.g. "SER.set_speed(‘115200′,’8N1’)", and send messages "SER.send(‘Running’)", "SER.send(‘Reached code block A’)". This will give you some level of debugging to track down issues with the code, however it is not true debugging so you do not see the actual error produced by the compiler – meaning you have to blindly guess what line the problem was on, and what the issue itself was which is not ideal.

The only reliable solution I have found is to purchase the hardware based Round Solutions Python-Debugger however this will require an additional PC serial port, and a custom cable. One end of the cable will need to be soldered onto the evaluation board, and the other a 2×5 double row IDC connector (Maplin: JB59P) which then plugs into the debug board.

After setting up a suitable development environment the next thing to do is write the code. I chose to use SMS messages as a transport mechanism. The process works as follows: A mobile phone is used to send an SMS to the GM862. The GM862 checks for new messages every 10 seconds, on finding one it checks the password, and parses out the command, if it recognises a request for a position, it sends the position back to the sender of the message, then deletes the message. The logic is not too complicated, however the code itself is somewhat involved due to the complexities of parsing message data since there are no inbuilt modules for this. The format required for the position request is "mypassword pos" or "mypassword position" (depending on which is easier if you have predictive text turned on). After receiving the position you can either convert the degrees/minutes/seconds to decimal Latitude/Longitude manually or use the provided HTML/JavaScript page which links through to Google/Multimap for displaying the position.

Boxing up the tracker for use in a vehicle I used the following parts:

In order to get the GM862 to automatically turn on when power is applied the on/off power button should be tied to ground. This is not the ideal solution since it compromises other features such as power saving however it is simple and works for this project. A better solution would be to design a circuit to ground the on/off switch for a few seconds only after power is first applied, e.g. using a capacitor etc.

The 9V car power supply adapter was set to 9V (be sure to use 9V since this particular adapter only provides regulation on 9V and under (setting it to 12V could result in 13+V being received by the evaluation board which may damage it). The adapter was also taken out of its case to fit in the project box. I chose to solder on a longer power cable to the cigarette lighter connector, and use some rubber stick on feet to keep the board from moving in the box, along with some stripboard to hold it in place, and separate the evaluation board from the power supply.

On my second design (shown in pictures above) I chose to add two extra LEDs which were linked to two free GPIO pins on the GM862 (via a 47KOhm Resistor, and 2N222 transistor) to provide GSM (GPRS) / GPS connection status however these were used in a later code revision and are not required / used by the SMS code. Original project box shown to the left / below, initially the power supply was external to the unit.

This article focused on using SMS text messages to transmit back position data on request. This is perfect for applications where it will have only occasional use, however if you are looking for a more advanced real time tracking / logging system with multiple units, requesting the position from each via SMS would quickly get tedious. A better solution is to use the GM862s socket / GPRS support to send back position data to a web server running e.g. a Google Maps based application every 1 minute or so when the vehicle is moving. It will depend on your provider however I found GPRS costs on the Orange UK PAYG network (£4 for £4MB with Orange World Multibundle Option) to work out significantly cheaper than 10p per SMS message). I may publish another entry describing the more involved processes for using GPRS at a later date.

I had been planning to write up this entry for a while, but in the mean time Alex at Tinkerlog beat me to it – all be it with a slightly different solution using an additional microcontroller which was not strictly necessary given the onboard Python interpreter.

Unless otherwise stated any mentions of GM862 in this article refer to the GM862-GPS.